Assistant prof shares best practices for Internet security

Michael Locasto, an assistant professor in the Department of Computer Science, answered questions from a group of oil company retirees about computer security. Photos courtesy ISPIAAbout a dozen retirees from Esso and Imperial Oil recently had a number of questions answered about computer security when they spent a few hours with Michael Locasto of the Institute for Security, Privacy and Information Assurance (ISPIA).

Locasto, an assistant professor in the Department of Computer Science in the Faculty of Science, is one of the multi-disciplinary researchers at ISPIA, which is devoted to research and education in information protection. He studies the security of computer systems, software defence mechanisms as well as intrusion defence and debugging.

When the Esso Annuitant Tech club approached ISPIA about learning more about security threats, Locasto was happy to help. “For us it seems like a perfect outreach opportunity,” he says. “People want information and we’re happy to provide it.”

The members of the club submitted a list of questions they wanted to discuss, including the different types of malware, e-mail security, WiFi passwords, financial transactions, web browsing safety, and best personal practices for security.

“You have to realize that compromises are going to happen and it’s likely that some part of your digital footprint will be stolen, or compromised,” says Locasto. “You have to prepare for that eventuality, and the best way to do that is to compartmentalize and very strongly isolate different parts of your digital persona.”

As thanks for the seminar, the group donated a 30-year old IBM terminal to the Institute for Security, Privacy and Information Assurance.Locasto uses different passwords for everything he does online and he employs different browsers for different services. He also suggests strictly segregating your work life from your home life and having a plan to delegate access to your different online resources.

“How do you know if your information is being stolen?” he says. ”Well you don’t, because it’s happening at the speed of electronics inside a sealed grey box. All of our intuition about how to stay safe in the physical world just does not carry over into the electronic world.” The group of retired engineers and professionals enjoyed the talk and presented Locasto with a 30-year old IBM terminal and a plaque thanking ISPIA for the seminar, held Feb. 20.

Locasto enjoyed it too. “Within our security Institute we have a wide range of expertise, and I think we are ideally placed to interact with the community in ways that go beyond the traditional classroom setting.”